Q&A: The lowdown on the DDoS landscape

Enterprises today continue to grow in capacity and complexity, and having 24/7 availability across all platforms and locations has become a number one priority, which is not an easy feat with today's threat landscape.

To delve a bit deeper into the world of network security and DDoS attacks, we spoke to Aftab Afzal, SVP and GM for EMEA at NSFOCUS IB.

  1. What did you take away from this year's Cloud Security Expo?

This year’s Cloud Security Expo was a great event and platform for us to meet with the public and industry experts to showcase the latest cyber security solutions. NSFOCUS showcased their Anti DDoS solution and provided a sneak preview of the global intelligence platform that underpins their protection offerings. The interest was overwhelming and the show also provided a great opportunity for NSFOCUS to meet with our customers.

  2. How have DDoS attacks developed in the last 12 months or so and why are they now so popular with hackers?

DDoS attack methods continue to evolve, and the last 12 months have seen no slowdown in adoption by hacking communities. Reflection and amplification methods have been very popular and have been behind the new era of plus 200Gbps attacks that generated a lot of media attention. However, low volume application attacks and short burst drive-by attacks have continued to plague many organisations and industries. The last 12 months saw the return of ransom attacks; however, their attack types saw no dramatic change and used known methods. Other than an increase in size, complexity and frequency, the attack types continue to be aggregated and multi-vector.

  3. Are there any specific variations across industries?

One could argue that cyber security is horizontal and industry verticals do not exist to the same extent as other non-security solutions. In the case of DDoS, anyone with a public-facing IP address is a target and could be exposed to an attack. However, high value targets exist that can be industry or company specific. Finance, gaming, commerce and tier 1 enterprise along with government continue to be the most common and attractive targets.

  4. How can businesses defend against DDoS attacks?

Organisations should start by reviewing their current situation and conducting risk surveys to understand the potential impact of a DDoS attack. It is important to understand that not all solutions are equal, and regardless of whether you opt for an on premises, service provider or cloud solution, all will have limitations.

The ideal solution is a hybrid approach; however, if you use multiple vendors this in itself will introduce complexities, so finding a vendor that can offer both cloud and on premises is a smart approach. An organisation’s approach to technology and vendor selection/management will be an important consideration when selecting the correct partner.

  5. How do you expect the DDoS landscape to develop in 2016?

We expect the DDoS landscape to continue its fragmentation in 2016. The larger attacks will continue to grab headlines and be used by vendor marketing managers to validate their protection offering. Smaller attacks will also continue to increase in frequency as more users come online. Knowledge and tools to launch attacks can be found by a simple web search. Low cost and often free stress tester or DDoS attack tools are available to non-technical users.

Whilst these tools are known by most vendors, and can be blocked easily with the current solutions, not everyone has deployed protection. 2016 will see more organisations and service providers deploy protection and as a result new attack tools and techniques will emerge.
